Symantec's Norton AntiVirus source code leaked online?

Symantec has started an investigation after a group of hackers claimed to have gained possession of the source code for the security firm's Norton AntiVirus software.

Security firm investigates following claims on Pastebin

By
Carrie-Ann Skinner
| 06 Jan 2012

Symantec has started an investigation after a group of hackers claimed to have gained possession of the source code for the security firm's Norton AntiVirus software.

The Lords of Dharmaraja hacking group says they obtained source code and documentation from servers belonging to Indian intelligence agencies.

"As of now we start sharing with all our brothers and followers information from the Indian Military Intelligence servers," they said in a post to Pastebin, which has since been deleted by can be found in Google's cache.

"So far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI."

The post also contained a document that detailed the application programming interface (API) for Symantec's service that generates virus definition.

Cris Paden, Symantec's senior manager of corporate communications, said the document is from over a decade ago and does not reflect how the security firm's systems work at present.

"This document explains how the software is designed to work (what inputs are accepted and what outputs are generated) and contains function names, but there is no actual source code present," he told the IDG news service.

"The information in the 1999 document has no bearing or impact on our current products, i.e., the information in the document cannot be used to impair or corrupt our current solutions."

While the Lords of Dharmaraja have not yet posted the Norton AntiVirus source code online, they plan to release this in the future. If the code is current, it will give malware writers the ability to avoid detection.

"We are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies," the Pastebin post added. In a second post, the hacking group details files that feature in the source code.

However, Symantec said it could not confirm if the file listing does indeeed relate to the source code.

"A second claim has been made by the same group regarding additional source code and we're currently investigating that. For that one, we don't have any information to provide as of yet," Paden said.